Enabling the ADSI Option
search cancel

Enabling the ADSI Option

book

Article ID: 11255

calendar_today

Updated On:

Products

CA Directory CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On CA Security Command Center CA Data Protection (DataMinder) CA User Activity Reporting

Issue/Introduction



How to enable the ADSI option that is by default disabled?

Environment

Release: CAPUEL99000-12.5-Identity Manager-Blended upgrade to Identity &-Access Mgmt Ente
Component:

Resolution

Important! ADSI is not fully supported and by default, is disabled.

WARNING! Do not use the ADSI or non-secure LDAP options in production environments.

The ADSI option allows you to test creating accounts with passwords and is sometimes useful for testing prior to acquiring SSL certificates. 

By default, the option button for enabling ADSI is disabled.
For example, Use LDAP with SSL; use ADSI to set passwords only.

To enable this option, the ADS_ALLOW_ADSI=1 environment variable must be added.

To activate ADSI you need to create and set the environmental value to:
ADS_ALLOW_ADSI=1.
Then restart the Provisioning services.
The option will then be available.

If ADSI does not work, try the following:

  • Install the Windows Support Tools on the Active Directory Services server you want to manage.
  • Run the Provisioning Server in the same domain as the Active Directory server.
  • Confirm that the Preferred DNS server field is set correctly on the Provisioning server.
  • Start the Provisioning service with an ADS-domain -administrator account.
Powered by Wolken Software